Security Updates - CVE Database

List of security vulnerabilities fixed in NetFlow Analyzer

This page contains a list of all security vulnerabilities fixed in NetFlow Analyzer along with its CVE ID and fixed build number. Go to ManageEngine's Security Response Center to report vulnerabilities on ManageEngine products.

CVE ID Synopsis Severity Fixed in version Link to latest build
CVE-2019-17421 Incorrect file permissions on the packaged Nipper executable file Medium 124079 and 124099 Download
CVE-2017-11560 HTML Injection vulnerability Medium 124033
Internal An operator user could access some restricted folders by bypassing the session. High 123241
CVE-2018-19403 Unauthenticated Remote Code Execution (RCE) vulnerability High 123231
CVE-2019-7422, CVE-2019-7423, CVE-2019-7424, CVE-2019-7425, CVE-2019-7426, CVE-2019-7427 XSS vulnerability in input text boxes in the Reports and Settings page High 123323
CVE-2019-8925, CVE-2019-8926, CVE-2019-8927, CVE-2019-8928, CVE-2019-8929 Path traversal vulnerability High 123323
CVE-2008-0128 Tomcat Vulnerability Medium 124024
CVE-2019-12196 SQL Injection vulnerability in Compare reports High 124029
CVE-2018-10803 Cross-site Scripting (XSS) in add Credential page Medium 123125
CVE-2018-12997, CVE-2018-12998 Arbitrary web script or HTML injection Medium 123169